1. Field of the Invention
The present invention relates generally to communications between computers, and more particularly without limitation, to a communication method and system having alternative request-response protocols such as Hyper Text Transfer Protocol (HTTP) and Hyper Text Transfer Protocol Secured (HTTPS).
2. Description of the Related Art
Hyper Text Transfer Protocol (HTTP) is an application protocol that is used for communication between an information server and a client on the Internet. Hyper Text Transfer Protocol Secured (HTTPS) is the HTTP protocol that implements the Secured Socket Layer (SSL) mechanism that provides automated encryption/decryption of messages transported via the HTTP. HTTP has communication methods that identify operations to be performed by a network application (e.g. commands that allow clients to request data from a server and send information to the server).
For example, to submit an HTTP request generated by a client application, the client contacts the HTTP server and transmits the request to the HTTP server. The request contains the communication command requested for the transaction (e.g. GET an object from the server, POST data to an object on the server) and any necessary data. The HTTP server responds to the client by sending a status of the request and/or the requested information. The connection is then terminated between the client and the HTTP server.
A client request therefore, consists of establishing a connection between the client and the HTTP server, performing the request, and terminating the connection. The HTTP server does not maintain any state about the connection once it has been terminated. HTTP is, therefore, a stateless application protocol. That is, a client can make several requests of an HTTP server, but each individual request is treated independently of any other request. The server has no recollection of any previous request.
For HTTP and HTTPS communication separate ports are required. The assignment of ports to HTTP and HTTPS communications is standardized: port 80 is the HTTP port and port 443 is the HTTPS port. Most firewalls are configured accordingly such that communication through the HTTP port 80 and the secure HTTPS port 443 is enabled.
Port 80 is the default port for HTTP communication and port 443 is the default port for HTTPS communication. However HTTP and HTTPS enable to select another port that is different from the default port setting. An arbitrary port can be selected by indicating the desired port number after the top level domain (tld) of the URL (Uniform Resource Locator) behind columns, e.g. http://www.domainname.tld:Port# or https://www.domainname.tld:Port#)
U.S. Pat. No. 6,212,640 relates to a method for resources sharing on the Internet via the HTTP. If a request submitted by an application to a server is denied, then a server that entrusts the application is identified, and the request is submitted to that server. A program code called “servlet” is implemented on that server to accept the requests submitted by a trusted application. The submitted requests are analyzed by the servlet and are forwarded to a resource server that can satisfy the requests. A response from the resource server is routed through the servlet back to the requesting application.
U.S. Pat. No. 6,412,009 relates to a method for providing a persistent HTTP tunnel. This method allows a terminal session to be supported by a real-time bi-directional persistent connection with the whole system. The bi-directional persistent connection allows interleaving of chunked data messages from the web client with chunked data messages on the web server on the persistent HTTP tunnel.
U.S. Pat. No. 6,233,688 relates to a generic naming scheme for remote access and firewall traversal in the form of a uniform resource locater. The remote access/firewall traversal procedure is made transparent to the client application and thus a wider area of client applications may be chosen for the data session with the resources beyond the firewall.
U.S. Pat. No. 6,081,900 relates to a method for secure intranet access. Web pages sent from a target server to an external client are scanned for non-secure URLs such as those containing “HTTP://” and modified to make them secure. The target server and a border server utilize various combinations of secure and non-secure caches.
U.S. Pat. No. 5,657,390 relates to a secure socket layer application program. In particular a handshake protocol and session key generation scheme is provided. When a client and a server application first establish a secure sockets connection they engage in a handshake protocol in which they negotiate security procedures, produce a master key and generate session keys to be used to encrypt and decrypt information transferred through the sockets connection.